
<?php
	require_once("connect_sql.php");
	
	if(!empty($_POST['name'])) {
		$username = $_POST['name'];
	} else {
		$username = "无用户名";
	}
	if(!empty($_POST['nickname'])) {
		$nickname = $_POST['nickname'];
	} else {
		$nickname = "无昵称";
	}
	if(!empty($_POST['pwd'])) {
		$password = $_POST['pwd'];
	} else {
		$password = "无密码";
	}
	if(!empty($_POST['type'])) {
		$type = $_POST['type'];
	} else {
		$type = "";
	}
	//echo $username."<br>".$nickname."<br>".$password."<br>".$register."<br>";
	
	if($type == "login") {
		$sql = 'select * from user where name="'.$username.'"';
		$result = $conn->query($sql);
		if($result->num_rows > 0) {
			$row = $result->fetch_assoc();
			if($row['pwd'] == $password) {
				setrawcookie('username', $row['name'], time() + 36000);
				setrawcookie('nickname', $row['nickname'], time() + 36000);
				setrawcookie('login', 'true', time() + 36000);
				echo 'success';
			} else {
				echo 'pwdError';
			}
		} else {
			echo $conn->error;
		}
	} else if($type == 'checkUser') {
		$sql = 'select id from user where name="'.$username.'"';
		$result = $conn->query($sql);
		if($result->num_rows > 0) {
			echo 'exist';
		} else {
            echo $conn->error;
        }
	} else if($type == 'register') {
		$sql = 'insert into user (name, nickname, pwd) values("'.$username.'", "'.$nickname.'", "'.$password.'")';
		//$sql = "insert into user (name, nickname, pwd) values(\"chengl\",\"程亮\",\"chengl\");";
        $result = $conn->query($sql);
		if(!$conn->query($sql)) {
			echo 'failed,'.mysql_error();
		} else {
			echo 'success';
			$conn->query('insert into log (user, nickname, action, date, content, sqlStr) values("'.$username.'", "'.$nickname.'", "注册", "'.date("Y-m-d").'", "用户注册", \''.$sql.'\')');
		}
	} else if($type == 'updateUser') {
		$sql = 'select * from user where name="'.$username.'"';
		$result = $conn->query($sql);
		if($result->num_rows > 0) {
			if($result['pwd'] != $_POST['oldPwd']) {
				echo 'oldPwdError';
				return;
			}
		} else {
            echo $conn->error;
        }
		
		$sql = 'update user set nickname="'.$nickname.'", pwd="'.$pwd.'" where name="'.$username.'"';
		if(!$conn->query($sql)) {
			echo 'failed,'.$conn->error;
		} else {
			echo 'success';
			$conn->query('insert into log (user, nickname, action, date, content, sqlStr) values("'.$username.'", "'.$nickname.'", "更新", "'.date("Y-m-d").'", "更新账户信息", \''.$sql.'\')');
		}
	}
?>